Data privacy concerns were analyzed in a recent report by ISACA. According to the report, 43% say their privacy budget is underfunded and 36% say their budget is appropriately funded. When looking at the year ahead, 24% say that they expect budget will increase (down 10 points from last year). Fifty-one percent expect a decrease in budget, which is significantly higher than last year when 12% expected a decrease in budget.
When looking at common privacy failures, respondents pinpointed the lack of or poor training (49%), not practicing privacy by design (44%) and data breaches (42%) as the main concerns. One of the ways that organizations are mitigating both workforce gaps and privacy failures is through training. Half of respondents note they are training to allow non-privacy staff to move into privacy roles, while 39% are increasing usage of contract employees or outside consultants.
With employee training, 86% indicate their organization provides privacy awareness training for employees, with 66% providing training to all employees annually and 52% of respondents providing privacy awareness training to new hires. Respondents note that their organizations are most often looking at the number of employees completing training (65%) as the main metric used to track effectiveness of privacy training, not a decrease in privacy incidents (56%).
Despite the challenges faced, 63% of organizations say they did not have a material privacy breach in the past 12 months, and 18% are not seeing a change in the number of breaches they are experiencing. Respondents are also optimistic: less than one in five say they expect a material privacy breach in the next 12 months.
Read the full report here.